When and how to use traffic capture tools such as Wireshark and tcpdump

Other sources of traffic information such as flow analysis and NetflowV9

How to analyse IPv6 traffic flows

Where to obtain IPv6 network forensics data in different network nodes

How to capture and analyse IPv6 application protocols and data

Capturing forensics information for network devices such as switches, routers and firewalls

How to carry out advanced IPv6 forensics investigations dealing with specific IPv6 attacks

How to carry out advanced IPv6 forensics investigations dealing with IPv6 transition scenarios

Course Benefits

IPv6 is steadily replacing IPv4 as the network protocol that underpins the global Internet. The deployment of IPv6 brings with it the need to be able to carry out forensics investigations on IPv6 networks, network devices, nodes and applications.

In this course, you will learn the fundamentals of digital forensics, network forensics and the details of how you should apply these to IPv6 networks.

You will learn the types of evidence available to you in IPv6 networks, where you can obtain it, how you should acquire it and how you can interpret it.

You will also gain experience with using a wide variety of tools to collect and analyse IPv6 evidence on networks and devices.

Who should attend?

This course is aimed and security, forensic and law enforcement professionals responsible for forensics in modern IPv6 enabled networks.

The techniques and tools taught in this cause will also be of interest to a wider audience of networking professionals whose roles include network security and incident response.

A good knowledge of general networking concepts is assumed. Previous training and experience in IPv6 is recommended.

Whilst this course focuses on IPv6, many of the techniques and tools are also equally applicable to legacy IPv4 networks.